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20/3, K/l (Item 1 from file: 349) 
DIALOG(R)File 349: PCT FULLTEXT 
(c) 2009 WIPO/Thomson. All rights reserved. 

01025666 **Image available** 

A SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED USE OF PROTECTED 

SOFTWARE UTILIZING A PORTABLE SECURITY DEVICE 
SYSTEME ET PROCEDE METTANT EN OEUVRE UN DISPOSITIF DE SECURITE PORTATIF 

POUR EMPECHER L'UTILISATION NON AUTORISEE D'UN LOGICIEL PROTEGE 
Patent Applicant/ Assignee: 
PACE ANTI-PIRACY INC, 1363 Meridian Avenue, San Jose, CA 95125, US, US 

(Residence), US (Nationality) 
Inventor(s): 

FONTANA Joseph M, 966 El Rio Drive, San Jose, CA 95125, US, 

CRONCE Paul A, 1475 Weaver Drive, 
San Jose, CA 95125, US, 
Legal Representative: 

SULLIVAN Stephen G (agent), Sawyer Law Group LLP, P.O. Box 51418, Palo 
Alto, CA 94303, US, 
Patent and Priority Information (Country, Number, Date): 

Patent: WO 200354662 A2-A3 20030703 (WO 0354662) 

Application: WO 2002US40185 20021217 (PCT/WO US02040185) 

Priority Application: US 200128581 20011220 
Designated States: 

(Protection type is "patent" unless otherwise stated - for applications 
prior to 2004) 

AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ 
EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR 
LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG 
SK SL TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW 

(EP) AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SI SK 
TR 

(OA) BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 9183 

A SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED USE OF PROTECTED 

SOFTWARE UTILIZING A PORTABLE SECURITY DEVICE 
Inventor(s): 
... CRONCE Paul A 

Patent Applicant/Inventor: 
Fulltext Availability: 
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Detailed Description 
Claims 

English Abstract 
A method and system for protecting software from 
unauthorized use on a computer system using an external security device 
(130) is disclosed. The method and system include encrypting the 
software to be protected using an encryption key. The 
use of the software on the computer system is then 
authorized by generating the encryption key within the security device 
(130) using information supplied from the softwre. Once the encryption 
key generated by the security device (130) is received on the computer 
system, the encryption key used to decrypt the encrypt 
software for execution on the computer system. 



Detailed Description 
A SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED USE OF 
PROTECTED SOFTWARE UTILIZING A PORTABLE SECURITY 
DEVICE 

FIELD OF THE INVENTION 

The present invention relates generally to the prevention of 
software piracy and more particularly to preventing 
unauthorized use of protected software by utilizing a 
portable personal security device. 

BACKGROUND OF THE INVENTION 

The problem of software piracy is well known in the 

computer industry. This problem results in substantial losses for 

software developers. Many methods have been used to 

try to prevent unauthorized use of software over the 

years, with limited success. Typically, the effort put out to break 

protection schemes is proportional to the value of the protected 

software. Thus, if a software 

program has high demand, such as a computer game, or 

has a high cost per unit, such as a professional tool sold to a small 

market, it is likely to be attacked by software 

hackers for the purpose of creating an unprotected version of the 

product. This unprotected version is then made available to others at low 

cost or recording industry and computer games 

industry, that some companies are unable to guarantee' the profitability 
of developing new software. 

Some of the methods of protecting software has 
included an external 

hardware device, which is plugged into the computer. This device is 
interrogated by the protected software for the purpose 
of authorizing the use of the software. 

Unfortunately, it is all too easy to analyze the 
software and provide a software 

bypass around the code which requests the authorization. More complex 
schemes have been used to obscure the authorization process and 
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protection scheme in an attempt... In the music industry, co-processor 
cards are used, along with the host 

processor, to provide complex effects and sound processing via plug-in 

coprocessor software modules. Such co-processor cards 

can al so be used for other purposes. Because the co-processor 

instruction sets are difficult and very complex, the potential market is 

small. The result is that the cost of co-processor 

software plug-in modules is high. Unfortunately, the 

high cost of the modules has resulted in a high percentage of 

unauthorized copies of the plug-in. ..on an attached coprocessor. The 

present invention addresses such a need. 

SUMMARY OF THE INVENTION 

The present invention provides a method and system for protecting 

software from unauthorized use on a computer system 

utilizing a security device. The method and system include encrypting the 

software to be protected using an encryption key. The 

use of the software on the computer system is then 

authorized by generating the encryption key within the security device 

using information supplied from the software. Once the 

encryption key generated by the security device is received on the 

computer system, the encryption key used to decrypt the encrypted 

software for execution on the computer system.., 

In a further aspect of the present invention, the identity of the 

encryption key is further maintained by first... 

..the scrambled encrypted security key is encrypted with a second 

encryption key that is generated by the security device from the 

information received from the software. When the 

encrypted scrambled encryption key is received on the computer system, 

the second encryption key provided with the software 

must be used to decrypt the encryption key before the encryption key can 

be descrambled and used to decrypt the software. 

According to the method and system disclosed herein, the protected 
software only contains part of the information needed 
for decryption, and must 
3 

receive the remaining information from the security device before the 
software can be used. Similarly, the security device 

cannot generate the encryption key without receiving information from the 
software. In the embodiment where the encryption key 
is randomized with information received from the 
software prior to being 

encrypted and sent to the computer system, the method ...a computer 
system and external security device with a co-processor plug-in board. 

FIG. 3 is a flow chart illustrating the process of protecting 

software from unauthorized use on a computer system in 

a preferred embodiment of the present invention. 

FIG. 4 is a flow chart illustrating the process of preparing a 

software package for use in accordance with the ... 

preferred embodiment of a keyset and the process of generating the 

keyset. 
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20/3,K/2 (item 2 from file: 349) 
DIALOG(R)File 349: PCT FULLTEXT 
(c) 2009 WIPO/Thomson. All rights reserved. 

00809296 **Image available** 

PORTABLE AUTHORIZATION DEVICE FOR AUTHORIZING USE OF PROTECTED INFORMATION 

AND ASSOCIATED METHOD 
PROCEDE ET DISPOSITIF D'AUTORISATION PORTATIF PERMETTANT D'AUTORISER 

L'UTILISATION D'lN FORMATIONS PROTEGEES 
Patent Applicant/ Assignee: 
PACE ANTI-PIRACY INC, 1363 Meridian Avenue, San Jose, CA 95125, US, US 
(Residence), US (Nationality), (For all designated states except: US) 
Patent Applicant/Inventor: 
CRONCE Paul Allen, 1475 Weaver 
Drive, San Jose, CA 95125, US, US (Residence), US (Nationality), 
(Designated only for: US) 
FONTANA Joseph M, 966 El Rio Drive, San Jose, CA 95125, US, US 
(Residence), US (Nationality), (Designated only for: US) 
Legal Representative: 
HAN Franklin Y (et al) (agent), Morrison & Foerster LLP, 755 Page 
Mill Road, Palo Alto, CA 94304-1018, US, 
Patent and Priority Information (Country, Number, Date): 
Patent: WO 200142888 Al 20010614 (WO 0142888) 

Application: WO 2000US12906 20000510 (PCT/WO US0012906) 

Priority Application: US 99169506 19991207; US 2000503778 20000214 
Parent Application/Grant: 

Related by Continuation to: US 2000503778 20000214 (CIP) 
Designated States: 

(Protection type is "patent" unless otherwise stated - for applications 
prior to 2004) 

AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES 
FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU 
LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA 
UG US UZ VN YU ZA ZW 

(EP) AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE 

(OA) BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW SD SL SZ TZ UG ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 15293 

Patent Applicant/Inventor: 
CRONCE Paul Allen... 

Legal Representative: 
Fulltext Availability: 

Detailed Description 

Claims 



Detailed Description 

... beginning of each regular issue of'the PCT Gazette. 
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PORTABLE AUTHORIZATION DEVICE 

FOR AUTHORIZING USE OF PROTECTED INFORMATION 

AND ASSOCIATED METHOD 

CROSS-REFERENCE TO RELATED APPLI CATI ONS 
This application claims priority to provisional 
Application No. 60/169,506, filed December 7, 1999 and 
to utility Application No. 09/50' ),778, filed 
February 14, 2000. 

1 0 BACKGROUND OF THE INVENTION 
I . Field of the Invention 

This invention relates generally to techniques... 

..authorization device (commonly known as a "dongle") for authorizing a 
host system to use protected information. 
1 5 

2. Description of the Related Art 

A software "wrapper" is a conu-nonly used technique 

for selectively authorizing the use of protected information associated 

with a host system such as a personal computer or a server. The protected 

information, for example, may comprise a software 

program to be executed, or data to be processed, by 

the host system. The software wrapper permits an 

end-user to access or execute the protected program or 

data only if a predetermined condition is met. The predetermined 

condition can be, for example, the running of a trial period that allows 

the end-user to evaluate the protected program or data 

or the presentation of the proper authorization information by the 

end-user. The authorization information, for example, may be a password 

manually entered by the end-user or digitally encoded data. A discussion 

of software wrappers can be found, for example, in The 

Seybold Report on Internet Publishing, Dec. 1997, no. 4, vol. 2, p. 3. 

There are several techniques... 

..Dongles are small, readily transportable electronic devices as 
described, for example, in U.S. Patent No. 4,562,306. Dongles are 
typically provided by the software vendor together 
with the wrapped software program 
they are intended to authorize. 

To enable the software program to 

run on a particular computer, the end-user simply connects the dongle to 
a communications port of the computer, such as a parallel port or 
Universal Serial Bus (USB) port. Therefore, the end-user can authorize a 
number of different computers to run the program 
simply by connecting the dongle to whichever computer that he or she 
desires to run the program on at any given time. 

However, a disadvantage presented by dongles is that they typically store 
authorization information for only one software 
program or perhaps for a group of 
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software I 0 programs from a single 

vendor. Consequently, because an end-user typically might use several 
software programs from multiple 

vendors at any given time, he or she might have to carry around multiple 
dongles, which could be cumbersome and inconvenient. 

Another disadvantage is that the authorization information stored in the 

dongle is typically set by the software vendor during 

manufacture and generally cannot be 1 5 subsequently updated. As a 

result, when a software vendor provides an end-user 

with a software upgrade, add-on or plug-in, etc. for a 

protected software program, the 

vendor often also delivers a new dongle to authorize the associated 

software. This is not very costeffective for 

software vendors because the cost of the dongle itself 

can be significant in relation to the value of the associated 

software. 

In a second technique known in the art, the authorization information is 
stored on a magnetic floppy disk known as a "key diskette." The key... 

,..a type of information authority, which is a secure and trusted device 
for transmitting and receiving information. The key diskette is typically 
provided by the software vendor with the wrapped 
software program . To authorize the 
software program to run on a 

particular computer, the end-user inserts the key diskette in the 
computer to transfer the authorization information, typically a secret 
key, from the key diskette to the hard disk drive of the computer. Before 
the computer begins execution of the program, the 
software wrapper verifies that the correct key is 

present on the hard disk drive, and if so, allows the computer to execute 
the program . This technique is used in the Pace 

Anti-Piracy InterLok product, which was developed by the applicant of the 
present invention. 

An advantage of this technique over dongles is that authorization 

information for many different software 

programs from multiple vendors can be stored on the 

hard disk drive of the computer. Consequently, an end-user who runs 

multiple programs on a 

2 

computer does not need to keep multiple 
key diskettes on hand to authorize each of the 
programs. 

This technique suffers from several shortcomings, however. First, the 
authorization information is not readily transferable between computers. 
Typically, the key diskette is permitted to transfer... 

..because it is stored on that computer's internal hard disk drive. 
Consequently, if the enduser wants to authorize a new computer to run a 
software program but the key 

diskette has run out of authorizations, the authorization information 
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must be removed from one of the computers containing the authorization 
information and. ..to enable functions on multiple computers. 

An advantage of the security device described in the '891 patent is that 
it is relatively inexpensive for a software vendor to 
provide authorization information for software 

updates, add-ons, plug-ins, etc. because the authorization information is 
delivered using smart cards rather than dongles. Smart cards are 
significantly less expensive than... 

...increases the complexity and cost of the security device because it 
necessitates that the device implement memory management or protection 
mechanisms in hardware and/or software. Second, the 
security device apparently is not capable of receiving authorization 
information from multiple types of information authorities. The '891 
patent mentions that the security... 

...such as floppy disks or computer servers. Consequently, it appears that 
the use of the security device as an authorization device is limited to 
those software vendors that support smart cards as a 
data delivery mechanism. 

In view of the shortcomings of the above-described techniques, it is an 
object of.. .is presented to enable any person skilled in the art to make 
and use the invention, and is provided in the context of a particular 
application and its requirements. Various 

modifications to the preferred embodiment will be readily apparent to 
those skilled in the art, and the generic principles defined herein may 
be applied to other embodiments and applications 
without departing I 0 from the spirit and scope of the invention. 
Moreover, in the following description, numerous details are set forth 
for purpose of... 

...illustrates an authorization system 100 in accordance with a presently 
preferred embodiment of the invention. The authorization system 100 
comprises one or more access control programs II 7 
associated with a host system 1 1 0, a portable authorization device 140, 
and one or more information authorities 160, 180 and 185... 

...use a plurality of items of protected information II 5 associated with 
the host system, as described in detail below. 

Each of the access control programs II 7, which may 

also be referred to as a software wrapper," is used to 

control access to one of the respective items of protected infon-nation I 

1 5. The access control program I 1 7 authorizes the 

host system I 1 0 to use the associated item of protected information I 1 

5 only if the end-user provides the correct authorization information to 

the access control program . The access control 

programs II 7, in conjunction with the host system I I 

0, are also used to control communications between the indirect 

information authorities 180 and 185 and the host system I 10. Each item 

of protected information 1 15 and respective access control 



EIC3600 SEARCH RESULTS 



10 



11/12/2009 



20/3,K/3 (item 1 from file: 350) 
DIALOG(R)File 350: Derwent WPIX 
(c) 2009 Thomson Reuters. All rights reserved. 

0013615529 - Drawing available 
WPI ACC NO: 2003-710864/200367 
XRPX Acc No: N2003-568440 

Software license information delivery method, involves 

validating signed license using publisher public key and using terms to 

control use of software product 

Patent Assignee: CRONCE PA (CRON-I) 

Inventor: CRONCE P A 

Patent Family (1 patents, 1 countries) 

Patent Application 

Number Kind Date Number Kind Date Update 

US 20030149670 Al 20030807 US 200272597 A 20020205 200367 B 

Priority Applications (no., kind, date): US 200272597 A 20020205 

Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
US 20030149670 Al EN 20 10 

Software license information delivery method, involves 

validating signed license using publisher public key and using terms to 

control use of software product 

Original Titles: 

Method and system for delivery of secure software 
license information 
Inventor: CRONCE P A 

Alerting Abstract ...response to a key authority receiving a signed 
license request. The license is signed with a publisher private key and is 
transmitted to an authorizing program. The signed 
license is va... 

...lidated using the publisher public key and the license terms are used to 
control use of software product.USE - Used for 
delivering license information to control licensed 
software usage... 

...DESCRIPTION OF DRAWINGS - The drawing shows a flow diagram for the 
process of delivering secure license information to a 
software program . 

Title Terms/Index Terms/ Additional Words: SOFTWARE; 

Original Publication Data by Authority 

Argentina 
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Assignee name & address: 
Inventor name & address: 
Cronce, Paul A... 
Examiner: 
Original Abstracts: 

A system and method for delivery of secure software 
license information to authorize the use of a 
software program is disclosed. 
The method and system comprises a 
computer system for executing the software 
program and the authorizing 
program, and a license server, 

connected to the computer system over a network. The method and system 
include associating a publisher certificate and a signed product key pair 
with the program to be authorized, 

generating a license request containing user and product 
information and signed by the private key from the product key pair, 
transmitting the license request to a... 

...the license request and license terms, signing the license with the 

publisher private key associated with the publisher certificate, 

transmitting the license to the authorization program, 

validating the license using the publisher certificate, 

and using the license terms to control the use of the 

software program. 

Claims: 

What is claimed is: 1 . A method for the delivery of secure 
software license information to authorize use of a 
software product, the method 
comprising the steps of: (a) associating with a 
software publisher a private and 
public key pair, 
wherein the software publisher 
provides the software product and 
includes a 
software program 
and an authorization program 
within the software product; (b) 
associating a product private and 
public key with the 

software product, and including the product private key 

with the authorization program; (c) 

upon invocation of the software 

product on a computer, (i) generating by the 

authorization program a license request containing 

user and product information, (ii) digitally signing the 

license request with the product private key, and (iii) 

transferring the signed license request to a key authority, (d) in 

response to the key authority receiving the signed license request... 

...from the license request and license terms, (ii) signing the license 
with the publisher private key, and (iii) transmitting the signed license 
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to the authorizing program ; and (e) validating the 

signed license using the publisher public key, and using the license terms 

to control the use of the software product. 
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(c) 2006 European Patent Office 
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Your case 

14/3, K/l (Item 1 from file: 350) 
DIALOG(R)File 350: Derwent WPIX 
(c) 2009 Thomson Reuters. All rights reserved. 

0013615975 - Drawing available 
WPI ACC NO: 2003-711321/200367 
XRPX Acc No: N2003-568873 

License-managed toolset delivery method involves using same 

authorization process by software 

toolset and software product to obtain respective 

licenser 

Patent Assignee: CRONCE P A (CRON-I) 
Inventor: CRONCE P A 
Patent Family (1 patents, 1 countries) 
Patent Application 

Number Kind Date Number Kind Date Update 

US 20030156719 Al 20030821 US 200280639 A 20020221 200367 B 

Priority Applications (no., kind, date): US 200280639 A 20020221 

Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
US 20030156719 Al EN 25 13 

License-managed toolset delivery method involves using same 

authorization process by software 

toolset and software product to obtain respective 

licenser 

Alerting Abstract ...NOVELTY - When the authorization 
process is invoked in the software toolset/software 
product, the toolset publisher/software product publisher is the publisher 
in the process, and the toolset/software product is the software program in 
the process. A software toolset and a software product 
use the same authorization process to obtain respective 
licenses. 

Original Publication Data by Authority 
Argentina 

Assignee name & address: 
Original Abstracts: 

A method for delivery of a licensed toolset to a software publisher for 
creating license-managed software products is disclosed. 
<B>The method comprises providing an 
authorization process, and implementing the 

authorization process for both a toolset publisher and related toolset and 

a software publisher and related software product, 

whereby the same authorization 

process is used to obtain respective licenses. The 
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authorization process includes creating a first public and private key pair 

for the software publisher, creating a second public and private key pair 

for the software product, creating an 

authorization program for the 

software program, with embedded 

copies of the first and second public 

keys, and combining the software 

program and the authorization 

program, such that when 

the authorization 

program is invoked, the 

authorization program obtains a 

license for controlling the use of 

the software program. The license is obtained by 

creating a license 

request, encrypting the 

license request using the 

second private key, transmitting the 

license request to a 

key authority, receiving a 

license from the key authority with license terms, 

decrypting the license, and using the license terms to control the use of 

the software program. 

Claims: 

...is: 1 A method for deliver of a license-managed toolset for 

creating a license-managed software product, the method comprising the step 

of: (a) providing an authorization 

process, the authorization process including the steps 

of: (i) creating a first public and private key pair 

for a software publisher, (ii) creating a second public 

and private key pair for a software 

program, (iii) creating an 

authorization program for the 

software program, and embedding a 

copy of the first and second public keys 

in the authorization 

program, (iv) 

combining the authorization 

program with a software 

program, such that when the software 

program is invoked 

on a computer, the authorization 

program obtains a license 



16/3,K/1 (Item 1 from file: 349) 
DIALOG(R)File 349: PCT FULLTEXT 
(c) 2009 WIPO/Thomson. All rights reserved. 

01719677 **Image available** 

WAGER GAME LICENSE MANAGEMENT IN A GAME TABLE 
GESTION DES LICENCES DE JEU DE PARI DANS UNE TABLE DE JEU 
Patent Applicant/ Assignee: 
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IGT, 9295 Prototype Drive, Reno, Nevada 89521, US, US (Residence), US 
(Nationality), (For all designated states except: US) 
Patent Applicant/Inventor: 
NGUYEN Binh T, 13210 W. Saddlebow Drive, Reno, Nevada 89511, US, US 
(Residence), US (Nationality), (Designated only for: US) 
Legal Representative: 
WOLF Dean E et al (agent), Weaver Austin Villeneuve & Sampson LLP, 
P.O. Box 70250, Oakland, California 94612-0250, US 
Patent and Priority Information (Country, Number, Date): 
Patent: WO 2008116003 Al 20080925 (WO 08116003) 

Application: WO 2008US57525 20080319 (PCT/WO US2008057525) 

Priority Application: US 2007726596 20070321 
Designated States: 

(All protection types applied unless otherwise stated - for applications 
2004+) 

AE AG AL AM AO AT AU AZ BA BB BG BH BR BW BY BZ CA CH CN CO CR CU CZ DE 
DK DM DO DZ EC EE EG ES FI GB GD GE GH GM GT HN HR HU ID IL IN IS JP KE 
KG KM KN KP KR KZ LA LC LK LR LS LT LU LY MA MD ME MG MK MN MW MX MY MZ 
NA NG NI NO NZ OM PG PH PL PT RO RS RU SC SD SE SG SK SL SM SV SY TJ TM 
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Detailed Description 

... network that uses a secure virtual network. 

FIGURE 9 is a block diagram depicting software transactions in a gaming 
software distribution network controlled by a software 
authorization agent. 

FIGURE 10 is an interaction diagram between a gaming software 
distributor, gaming software provider and a 
software authorization agent 

depicting an initialization of a gaming software transaction. 
FIGURE 11 is an interaction diagram between a gaming software 
distributor, a gaming software provider and a 
software authorization agent 
depicting a gaming software transaction. 

FIGURE 12 is an interaction diagram between a gaming software 
distributor, a gaming machine and a software 
authorization agent depicting a gaming 
software transaction. 
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FIGURE 13 is flow chart depicting a method in a 
software authorization agent 
initializing a gaming software transaction. 

FIGURE 14 is flow chart depicting a method in a 
software authorization agent of 
authorizing a gaming software 
transaction. 

FIGURE 15 is a block diagram of an interface used to provide information 
about gaming software transactions generated by a 
software authorization agent. 

FIGURE 16 is a block diagram of a gaming system of the present invention. 



FIGURES 17A-D are block diagrams showing interactions between different 
...be the only viable way to provide cost effective gaming services via a 
network. The virtual network is enabled by an encryption scheme which 
utilizes multiple key encryption 

and symmetric encryption keys to provide secure communication of 
sensitive gaming data. For each session, the symmetric encryption keys 
may be randomly generated or... requested may be generated. In 745, the 
billing request message may be sent to the gaming machine owner 
identified in the gaming license request message. 

SOFTWARE DISTRIBUTION WITH DOWNLOAD 
AUTHORIZATION 

USING A VPN 

FIGURE 8 is a block diagram of gaming software distribution network that 
uses a secure virtual network. In the present invention, gaming software 
may be transferred between various gaming devices, in a gaming 
software distribution network 90, after receiving 
authorization from a gaming 
software authorization agent 50. 
The gaming software authorization 

agent 50 may be a conventional data server including but not limited to a 
database 202, a router 206, a network interface 208, a CPU... 

..CPU 204 executes software to provide the functions of the authorization 

agent 50 as will be described below in more detail. In general, the 

gaming software authorization agent 

50 approves all gaming software transactions between 

two gaming devices in the gaming software distribution network and stores 

a record of the gaming software transactions. Database 202 may be used... 

..so that gaming machine operators may more easily reconfigure gaming 
machines with different gaming software to respond to shifting customer 
tastes and demands. The gaming software 
authorization agent 50 meets this need by allowing 
gaming software to be electronically transferred between gaming devices, 
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such as game servers and gaming machines, in a manner that may be easily 

monitored and regulated. For instance, the software 

authorization agent 50 may be maintained or supervised 

by a gaming regulatory agency. However, the software 

authorization agent 50 may also be maintained by a 

gaming entity that controls many gaming properties to track software 

distributions on various gaming machines. In addition, besides monitoring 

electronic transfers of gaming software, the 

software authorization agent 50 may 

also be used to store a record of any change of gaming software on a 
gaming machine such as changes resulting from. ..casino accounting office 
142 may obtain information from gaming devices connected to the RF 
network via the Internet 304. 

In the present invention, records of authorizations 
for the transfer of gaming software between gaming 
devices may be stored in the database 202. Thus, given an initial 
distribution of gaming software in the gaming software distribution 
network 90 for each gaming device, the gaming software 
authorization records may be used to track the gaming 
software distribution for gaming devices in the gaming distribution 
network as a function time. This tracking capability... 

...is described with respect to FIG. 15. 

FIGURE 9 is a block diagram depicting software transactions in a gaming 
software distribution network controlled by a software 
authorization agent. Gaming 
software transactions between a 
software authorization agent 50, a 
gaming software distributor 53, a gaming software 
content provider 51 and two gaming machines, 54 and 55 in a gaming 
software distribution network are described. In FIG... 
...purposes only and the present invention is not limited to the gaming 
devices shown in the Figure. 

As described with respect to FIG. 8, the software 
authorization agent 50 is used to 
authorize gaming software transfer 

between two gaming devices. For instance, in 214, the gaming software 
distributor 53, which may be a game server maintained by a casino, may 
contact the software authorization 

agent 50 to request a transfer of gaming software from the gaming 
software provider 51 to the gaming distributor 53. 

The gaming distributor may also contact the software 

authorization agent to request a transfer of gaming 

software from the gaming software provider 51 to another gaming device 

such as gaming machine. The software 

authorization agent 50 may approve or deny the request 

depending on the gaming software transaction information contained in the 

request. For instance, if a gaming device, such as the gaming software 

distributor 53, cannot be identified and authenticated by the 
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software authorization agent 50, 
then the software authorization 

agent 50 will deny the request for the transfer of gaming software. As 

another example, if the gaming device, has requested a software title 

that is unknown to the software 

authorization agent 50, then the 

software authorization agent will 

deny the request for the transfer of gaming software. 

Some details of this gaming software transaction are described with 
respect to FIG. 

11, 13 and 14. 

After receiving authorization from the 
software agent, the gaming software distributor 53 may 
contact the gaming software content provider 51 and receive an 
electronically download of gaming software from the content... 

..occur directly between two gaming devices as shown in 210. In another 
embodiment of the present invention, gaming software transfers may be 
routed through the software 
authorization agent 50. For instance, to transfer 
gaming software to the gaming software distributor 53, the gaming 
software content provider 51 sends the gaming software 
to the software authorization agent 
50 which then forwards the software to the gaming 
software distributor. When the 
software authorization agent 50 
receives the gaming software it may perform one or 

more checks on the gaming software to insure it has been approved for use 
or just simply forward to the destination gaming device without 
additional checks. All or a portion of the gaming software transfers may 
be routed through the software 
authorization agent 50. 

In 212, prior to downloading gaming software to the gaming distributor or 

any other gaming device, the gaming software content provider 51, which 

may be a game server maintained by a company that develops gaming 

software or owns the rights to gaming software, may validate the gaming 

software transaction with the 

software authorization agent 50. 

The gaming software content provider 51 may send 

gaming software transaction information received in a request for a 

transfer of gaming software received from a gaming device, such as the 

gaming software distributor 53, to the gaming software 

authorization agent 50. The 

software authorization agent 50 may 

use the gaming software transaction information to approve or reject the 
transfer of the gaming software. The details of this gaming software... 

..After sending the gaming software to the gaming software distributor 53, 
the gaming software content provider 51 may report details of this 
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transaction to the software 

authorization agent 50 in 212. For instance, the 

gaming software provider may generate a gaming software transaction 

receipt that includes a unique digital signature for the... 

...after receiving the gaming software from the gaming software content 
provider 51, the gaming software distributor 53 may report details of 
this transaction to the software 
authorization agent 50 in 214. For instance, the 

gaming software distributor 53 may generate a gaming software transaction 
receipt that includes a unique digital signature for the gaming 
software that was received. The 
software authorization agent 50 may 

compare receipts from the sender and the receiver of the gaming software 
to insure the correct gaming software has been transferred between... 

...and calculate a digital signature. The digital signature may be sent to 
the gaming distributor 53 through the local area network and forwarded to 
the software authorization agent 50 
to complete the transaction. 

In another embodiment, after a request from a gaming software distributor 
53, in 220, a gaming software content provider... 
...may unpack the software, which may have been compressed, and send 
acknowledgements of the transfer directly to the gaming software content 
provider 51, the gaming software distributor and the 
software authorization agent. 

In yet other embodiments, a game server, such as the gaming software 
distributor 53, may be used to reconfigure the gaming software on a... 

...gaming software to the gaming machine. 

The transfer of gaming software from the game server to the gaming 
machine may require an approval from the software 
authorization agent 50. Further, even if the an 

approval is not required, gaming software transaction information may be 

sent to the software authorization 

agent so that the gaming software residing on any 

gaming machine at a particular time may be known. Details of a gaming 

software transaction between a gaming machine 54, a game server 53 and 

software authorization agent 50 are 

described with respect to FIG. 12. 

The present invention is not limited to only electronic transfers of 

gaming software between gaming devices. The 

authorization methods may be also be applied to the 

manual installation of gaming software. For example, prior to manually 

installing gaming software on a gaming machine, an installation 

technician may request approval of the gaming software 

transaction from a software 

authorization agent 50 using a hand-held wireless 

device. The gaming software, which may be stored on a memory device such 
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as CD-ROM may been., 



..installed on a gaming machine and information regarding the gaming 
machine may be entered into the hand-held wireless device and then sent 
to the software authorization 
agent. The software authorization 

agent may use this information to approve the gaming software transaction 
and to track the gaming software installed on gaming machines. 

In another example, a technician may use the software 

authorization agent to manually check gaming 

software installed on a gaming machine. The technician 

may read gaming software information from a particular gaming machine and 

then using a hand-held wireless device relay the gaming machine software 

information and gaming machine information to the 

software authorization agent 50. 

The software authorization agent 50 

may compare the information received from the hand-held wireless device 
with gaming software information stored in a gaming software registration 
database to determine whether the gaming machine has the correct 
software installed on it. The 
software authorization agent may 

send a message to the hand-held wireless gaming device indicating whether 
or not the correct gaming software is installed on a gaming... 

..particular gaming machine and what gaming software upgrades are 
available. When performing gaming machine maintenance, a gaming machine 
operator may request this information from the 
software authorization agent 50 to 
aid in the maintenance process. 

Gaming software may be transferred between two gaming devices using a 
wireless communication connection. For example, within... 

..also be performed using cellular communication technologies with 
cellular communication standards used in the cellular communication 
industry. 

As described with respect to FIG. 8, the software 
authorization agent 50 may include a gaming software 
transaction database. The gaming software transaction database may be 
used to track the distribution of gaming software on... 
..instance, in 216, a gaming software content provider may request a 
report regarding downloads of their gaming software from game servers to 
gaming machines. The software 

authorization agent 50 may receive the request, query 

the gaming software transaction database and generate a report for the 

gaming software content provider. This type of... 

..and market trending involving the transfer and the use of gaming 
software. 

FIGURE 10 is an interaction diagram between a gaming software distributor 
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53, gaming software provider 51 and a 
software authorization agent 50 

depicting an initialization of a gaming software transaction for one 
embodiment of the present invention. The example is provided for 
illustrative purposes only... 

..request message matches gaming software identification information 
contained in a database used by the agent 50. 

In 922, when the download request is approved, the 

software authorization agent 

creates a gaming software transaction record and 

stores the record to a gaming software transaction database. The gaming 

software transaction record may include but is not limited to gaming... 

..be loaded to a game server. Each time the game server downloads the 
gaming software to a gaming machine, it may request permission from the 
software authorization agent 50 
using the transaction number in the original record. The 
software authorization agent may 
authorize the game server to download the software to 
a gaming machine as long as the number of permitted downloads has not 
been exceeded. 

In 922 and 923, the software 

authorization agent may send an approval message with 

all or a portion of the gaming software transaction information stored in 

the gaming software transaction record to... 

...agent may send a notification message to the gaming software provider 
51. The message may notify the gaming software content provider 51 that 
a gaming software transaction has been 
authorized that allows some of the provider's 51 to be 
transferred to another gaming device. 

FIGURE 11 is an interaction diagram between a gaming software 
distributor, a gaming software provider and a 
software authorization agent 

depicting a gaming software transaction. In 850, the 
distributor may generate a software download request message. The 
download request message may include gaming software transaction 
information generated in the... 

..51 sends the message to the distributor 53. In 857, the distributor 
receives the message and decrypts it with the K(S) received from the 
software authorization agent 50 in 
the authorization message. 

In 859, the software provider 51 may optionally 
generate a download request message to validate the gaming software 
transaction requested by the distributor. The download request message 
may include. ..by the destination gaming device and the session encryption 
key, K(S). In one embodiment, the download package and reply may be 
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routed through the software 

authorization agent 50 which may perform checks on the 

gaming software before forwarding it to the destination gaming machine. 

Thus, the download package and receipt may be encrypted with the public 

encryption key used by the software 

authorization agent 50. 

The download package and the download receipt may go to separate gaming 
devices. In one embodiment, the download package may be forwarded by... 

...was described with respect to FIG. 9. 

FIGURE 12 is an interaction diagram between a gaming software distributor 

53, a gaming machine 54 and a software 

authorization agent 50 depicting a gaming 

software transaction. In this example, the distributor 

53 may be a game server operated by a casino and the gaming machine 54 

may be one of... 

...purposes. 

Optionally, in 978, the gaming machine 54 may generate a receipt or some 
other type of acknowledgement message that it has received the gaming 
software and send it to the 

authorization agent 50. In 968, the game server of the 

distributor 53 may also send a receipt or acknowledgement message to the 

agent 50. In 970... 

...the acknowledgement messages to determine if the gaming software 
transaction has been correctly carried out. 

FIGURE 13 is flow chart depicting a method in a 

software authorization agent 

initializing a gaming software transaction. In 1000, 

the agent receives a gaming software transaction session request message 
from a gaming software distributor or another gaming entity desiring a 
transfer... 

...1002, the authorization may check to determine if the requestor 
identified in the message is in a local of database of gaming entities 
that are authorized to request transfers of gaming 
software. When the requestor is not in the database, 
in 1004, the agent may terminate the transaction and generate a record of 
the attempted transaction and... 

...for a gaming software title unknown to the agent. 

In 1016, when information in the download request has been validated, the 

agent may generate an authorization record for the 

gaming software transaction as previously described 

with respect to FIG. 9. The agent may also generate an acknowledgement 

message and send it to the requestor. In 1018... 
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...has been received, the agent may store a record of the authorized 
transaction to a database. In one embodiment, the agent may also notify a 
software content provider that has been 
authorized to transfer the gaming 
software of the pending gaming 
software transaction that has been 
authorized. 

FIGURE 14 is flow chart depicting a method in a 
software authorization agent of 
authorizing a gaming software 

transaction. In 1100, the agent receives a gaming software transfer 

request form a gaming device. The transfer request may describe a gaming 

software transaction previously generated and 

authorized by the agent. The gaming device may be a 

game server, a gaming machine or any other gaming device that is allowed 

to receive gaming... 

...for an electronic fund transfer or other payment method. 

FIGURE 15 is a block diagram of an interface 1200 used to provide 
information about gaming software transactions 
generated by a software 

authorization agent. The interface menu 1210 may allow 
a user to view information in different formats, perform queries of a 
gaming software transaction and perform other... 
...being used. To ensure fairness, gaming regulators need to be able show 
that game software residing on a gaming machine is authentic and approved 
game software from an authorized 

content provider. In light of the above, methods that automate the game 
changeover process on gaming machine while providing an accurate record 
of the software... or erase itself when an attempt at tampering has been 
detected. 

The gaming system 1500 of the present invention may include devices 1506 

that provide authorization to download 

software from a first device to a second device and 

devices 1507 that provide activation codes or information that allow 

downloaded software to be activated. The devices, 1506 and 1507, may be 

remote servers and may also be trusted information sources. Details of a 

software authorization agent 50 

used to authorize the downloading of game 

software are described with respect to FIGs. 9-11. One 

example of a method of providing product activation codes that may be 

used with the present... such as a mobile gaming device, the software 

certificate 1564 may determine what type of device it is located on. If 

it is not on authorized device, the 

software certificate 1564 may prevent the software 

application 1562 from executing. 

The download history and the usage history may provide records of the 
origins of the. ..communication interface between the hand held device and 
a particular gaming device. 
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The gaming system 1300 comprises a central game software host 1572, a 
local software download 
authorization agent 1506 for 
authorizing software downloads, a 

license server 1552, two software caches, 1304 and 1306, a game play host 
1503 connected to two game play interfaces, 1511, four gaming... 

...system 1300 may be combined or overlapped. For example, a single server 
may provide the functions of the central game software host 1572, the 
local software download 

authorization agent 1506 and the license server 1552. 

In another example, the gaming machine, in some instances, may act as a 

game software host, a software... 

...for more details). 

The gaming machine 2 may include software 1430 for acting as a download 

authorization host as described with respect to FIGs. 9 ( 

software authorization agent 50) or 

FIGs. 16 and 18 (software download 

authorization agent 1506). As a download authorization 

host, the gaming machine may receive requests from other gaming devices 

requesting permission to download software to another the. ..has multiple 

components, each component may have its own certificate. In one 

embodiment, a licensing agent on the gaming machine reads the 

certificate(s) and creates a 

license request for a token from 

the local license server. If it is not built-in, a software agent may 
send a request for a token, receive. ..To ensure fairness, gaming 
regulators need to be able show that game software residing on, for 
example, a game table is authentic and approved game 
software from an authorized content 

provider. For certain entities, such as game content providers, to be 
properly compensated they may also need to know the locations their 
software is... 
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Detailed Description 

... network that uses a secure virtual network. 

FIGURE 9 is a block diagram depicting software transactions in a gaming 
software distribution network controlled by a software 
authorization agent. 

FIGURE 10 is an interaction diagram between a gaming software 
distributor, gaming software provider and a 
software authorization agent 

depicting an initialization of a gaming software transaction. 

FIGURE 11 is an interaction diagram between a gaming software 
distributor, a gaming software provider and a 
software authorization agent 
depicting a gaming software transaction. 

FIGURE 12 is an interaction diagram between a gaming software 
distributor, a gaming machine and a software 
authorization agent depicting a gaming 
software transaction. 

FIGURE 13 is flow chart depicting a method in a 
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software authorization agent 
initializing a gaming software transaction. 

FIGURE 14 is flow chart depicting a method in a 
software authorization agent of 
authorizing a gaming software 
transaction. 

FIGURE 15 is a block diagram of an interface used to provide information 
about gaming software transactions generated by a 
software authorization agent. 

FIGURE 16 is a block diagram of a gaming system of the present invention. 



FIGURES 17A-D are block diagrams showing interactions between different 
...be the only viable way to provide cost effective gaming services via a 
network. The virtual network is enabled by an encryption scheme which 
utilizes multiple key encryption 

and symmetric encryption keys to provide secure communication of 
sensitive gaming data. For each session, the symmetric encryption keys 
may be randomly generated or.. .license requested may generated. In 745, 
the billing request message may be sent to the gaming machine owner 
identified in the gaming license request message. 

SOFTWARE DISTRIBUTION WITH DOWNLOAD 
AUTHORIZATION 

USING A VPN 

FIGURE 8 is a block diagram of gaming software distribution network that 
uses a secure virtual network. In the present invention, gaming software 
may be transferred between various gaming devices, in a gaming 
software distribution network 90, after receiving 
authorization from a gaming 
software authorization agent 50. 
The gaming software authorization 

agent 50 may be a conventional data server including but not limited to a 
database 202, a router 206, a network interface 208, a CPU... 

..CPU 204 executes software to provide the functions of the authorization 

agent 50 as will be described below in more detail. In general, the 

gaming software authorization agent 

50 approves all gaming software transactions between 

two gaming devices in the gaming software distribution network and stores 

a record of the gaming software transactions. 
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... many ways, eg: clients speak with each other. Clients 'analyze / 'ba 
the services/invention features. INTERACTIVE = the more the better. Live 
versus automated phone attendants. LI CENSEE / 
LICENSOR = Client and Landlord behavior ['ba]. How they 
maximize/minimize, monetary income/expenditures/royalty fees. 'W5 
something is licensed/used. 'W5 licensee/licensors don't... 

...by colons. E I, Electronic 'Fq, Frequency —the 
electrical type. 'IMI, Feature, Part, and maybe Function KN, N, 
Invention. Often followed by colons. 'KW, Key words. 
Often followed by colons. .'Nr, Notifier, Alerts 'Misc, Miscellaneous 
Obvious, Exists OTD, Other technical details, ForTechies, Read later. 
Often followed by colons. SW...data can also be entered into computer 
without tedious computer mouse)-> CPU (software analyzes entered data) 
= Software analyzes database of each entered part with its 
multiple uses also shown in a pattern of branching 
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trees (this database can be the invention tree) = Software converts 
originally inputted diagram into hundreds of types... 

...fraction of the applicable US Patent Classification numbers. . 
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approach, avenue, connection, contact, course, door, entrance, entree, 
entry, introduction, key, open door (slang), passage, 
path, road, route, way . US Patent Classification code for Access: 726.4 
Information Security / Authorization . Alternatives & Keywords for 
ADAPTING feature: acclimate... 

..organize, pool, proportion, pull together, reconcile, reconciliate, 
regulate, shape up, synchronize, systematize, team up Alternatives & 
Keywords for DESIGNATED feature: allocate, allot, appoint, apportion, 
appropriate, assign, authorize, button down (slang), 
characterize, charge, choose, commission, connote, constitute, define, 
delegate, denote, depute, deputize, describe, dictate, earmark (slang), 
elect, evidence, favor, finger (slang), indicate, individualize. ..be 
"clap" (make bursts of sound, eg: three beeps = the number 3 of tel #) 
Voice Activated Key Pad: by making clear monotones in single or 
multiple bursts their corresponding 
key act as if pressed on normal key pad. Sounds can be 
of certain letters to ease memory for people in each language group. For 
people. ..therapeutic. Therapy machine helping people. Also, compensates 
for user's state of mind and or current personal info, and or condition, 
based on: what user keys in, are how well they scored 
in the previous physical therapy session. TILT ™ ='Remote 
Control Joystick. Otherwise confidential. TR = Transmission: sending / 
receiving via: air... 

..Programming (adapt) on how it tailors systems to the traits of the users 
and or situations. 

U = See User UIP= See Adapt UK ™ = User Keys 

In Information. This combines the U (user) with the K. (keyboard) 

feature. Or just call this feature "K" or "R" (remote control) as a user 



..be 'tailored to the user / what is perceived as the user's belief for 
what the [stolen] 'accessed feature possesses. This data can become 
legally authorized software like 

virus [which leaves a trail] that can hopefully later be deactivated 
if/when time is right [hacker apprehended along with their accomplices]. 
This patent... designated" key words (found via saw's search function) of 
files, or functions (their labels, command codes, instructions, 
"q"). -Accessor is assigned a list of key words, these 
child*, kid*, image*, imaging, create, creating... 



N OUK CASE 

20/3,K/l (Item 1 from file: 349) 
DIALOG(R)File 349: PCT FULLTEXT 
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01025666 **lmage available** 

A SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED USE OF PROTECTED 

SOFTWARE UTILIZING A PORTABLE SECURITY DEVICE 
SYSTEME ET PROCEDE METTANT EN OEUVRE UN DISPOSITIF DE SECURITE PORTATIF 

POUR EMPECHER L'UTILISATION NON AUTORISEE D'UN LOGICIEL PROTEGE 
Patent Applicant/ Assignee: 
PACE ANTI-PIRACY INC, 1363 Meridian Avenue, San Jose, CA 95125, US, US 

(Residence), US (Nationality) 
Inventor(s): 

FONTANA Joseph M, 966 El Rio Drive, San Jose, CA 95125, US, 

CRONCE Paul A, 1475 Weaver Drive, 
San Jose, CA 95125, US, 
Legal Representative: 

SULLIVAN Stephen G (agent), Sawyer Law Group LLP, P.O. Box 51418, Palo 
Alto, CA 94303, US, 
Patent and Priority Information (Country, Number, Date): 

Patent: WO 200354662 A2-A3 20030703 (WO 0354662) 

Application: WO 2002US40185 20021217 (PCT/WO US02040185) 

Priority Application: US 200128581 20011220 
Designated States: 

(Protection type is "patent" unless otherwise stated - for applications 
prior to 2004) 

AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ 
EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR 
LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG 
SK SL TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW 

(EP) AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SI SK 
TR 

(OA) BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 9183 

A SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED USE OF PROTECTED 

SOFTWARE UTILIZING A PORTABLE SECURITY DEVICE 
Inventor(s): 
... CRONCE Paul A 
Patent Applicant/Inventor: 
Fulltext Availability: 

Detailed Description 

Claims 

English Abstract 
A method and system for protecting software from 
unauthorized use on a computer system using an external security device 
(130) is disclosed. The method and system include encrypting the 
software to be protected using an encryption key. The 
use of the software on the computer system is then 
authorized by generating the encryption key within the security device 
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(130) using information supplied from the softwre. Once the encryption 
key generated by the security device (130) is received on the computer 
system, the encryption key used to decrypt the encrypt 
software for execution on the computer system. 



Detailed Description 
A SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED USE OF 
PROTECTED SOFTWARE UTILIZING A PORTABLE SECURITY 
DEVICE 

FIELD OF THE INVENTION 

The present invention relates generally to the prevention of 
software piracy and more particularly to preventing 
unauthorized use of protected software by utilizing a 
portable personal security device. 

BACKGROUND OF THE INVENTION 

The problem of software piracy is well known in the 

computer industry. This problem results in substantial losses for 

software developers. Many methods have been used to 

try to prevent unauthorized use of software over the 

years, with limited success. Typically, the effort put out to break 

protection schemes is proportional to the value of the protected 

software. Thus, if a software 

program has high demand, such as a computer game, or 

has a high cost per unit, such as a professional tool sold to a small 

market, it is likely to be attacked by software 

hackers for the purpose of creating an unprotected version of the 

product. This unprotected version is then made available to others at low 

cost or recording industry and computer games 

industry, that some companies are unable to guarantee' the profitability 
of developing new software. 

Some of the methods of protecting software has 
included an external 

hardware device, which is plugged into the computer. This device is 
interrogated by the protected software for the purpose 
of authorizing the use of the software. 

Unfortunately, it is all too easy to analyze the 
software and provide a software 

bypass around the code which requests the authorization. More complex 
schemes have been used to obscure the authorization process and 
protection scheme in an attempt... In the music industry, co-processor 
cards are used, along with the host 

processor, to provide complex effects and sound processing via plug-in 

coprocessor software modules. Such co-processor cards 

can al so be used for other purposes. Because the co-processor 

instruction sets are difficult and very complex, the potential market is 

small. The result is that the cost of co-processor 

software plug-in modules is high. Unfortunately, the 

high cost of the modules has resulted in a high percentage of 

unauthorized copies of the plug-in. ..on an attached coprocessor. The 
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present invention addresses such a need. 



20/3,K/2 (item 2 from file: 349) 
DIALOG(R)File 349: PCT FULLTEXT 
(c) 2009 WIPO/Thomson. All rights reserved. 

00809296 **Image available** 

PORTABLE AUTHORIZATION DEVICE FOR AUTHORIZING USE OF PROTECTED INFORMATION 

AND ASSOCIATED METHOD 
PROCEDE ET DISPOSITIF D'AUTORISATION PORTATIF PERMETTANT D'AUTORISER 

L'UTILISATION D'lN FORMATIONS PROTEGEES 
Patent Applicant/ Assignee: 
PACE ANTI-PIRACY INC, 1363 Meridian Avenue, San Jose, CA 95125, US, US 
(Residence), US (Nationality), (For all designated states except: US) 
Patent Applicant/Inventor: 
CRONCE Paul Allen, 1475 Weaver 
Drive, San Jose, CA 95125, US, US (Residence), US (Nationality), 
(Designated only for: US) 
FONTANA Joseph M, 966 El Rio Drive, San Jose, CA 95125, US, US 
(Residence), US (Nationality), (Designated only for: US) 
Legal Representative: 
HAN Franklin Y (et al) (agent), Morrison & Foerster LLP, 755 Page 
Mill Road, Palo Alto, CA 94304-1018, US, 
Patent and Priority Information (Country, Number, Date): 
Patent: WO 200142888 Al 20010614 (WO 0142888) 

Application: WO 2000US12906 20000510 (PCT/WO US0012906) 

Priority Application: US 99169506 19991207; US 2000503778 20000214 
Parent Application/Grant: 

Related by Continuation to: US 2000503778 20000214 (CIP) 
Designated States: 

(Protection type is "patent" unless otherwise stated - for applications 
prior to 2004) 

AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES 
FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU 
LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA 
UG US UZ VN YU ZA ZW 

(EP) AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE 

(OA) BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG 

(AP) GH GM KE LS MW SD SL SZ TZ UG ZW 

(EA) AM AZ BY KG KZ MD RU TJ TM 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 15293 

Patent Applicant/Inventor: 
CRONCE Paul Allen... 

Legal Representative: 
Fulltext Availability: 

Detailed Description 

Claims 
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Detailed Description 

... beginning of each regular issue of'the PCT Gazette. 

PORTABLE AUTHORIZATION DEVICE 

FOR AUTHORIZING USE OF PROTECTED INFORMATION 

AND ASSOCIATED METHOD 

CROSS-REFERENCE TO RELATED APPLI CATI ONS 
This application claims priority to provisional 
Application No. 60/169,506, filed December 7, 1999 and 
to utility Application No. 09/50' ),778, filed 
February 14, 2000. 

1 0 BACKGROUND OF THE INVENTION 
I . Field of the Invention 

This invention relates generally to techniques... 

...authorization device (commonly known as a "dongle") for authorizing a 
host system to use protected information. 
1 5 

2. Description of the Related Art 

A software "wrapper" is a conu-nonly used technique 

for selectively authorizing the use of protected information associated 

with a host system such as a personal computer or a server. The protected 

information, for example, may comprise a software 

program to be executed, or data to be processed, by 

the host system. The software wrapper permits an 

end-user to access or execute the protected program or 

data only if a predetermined condition is met. The predetermined 

condition can be, for example, the running of a trial period that allows 

the end-user to evaluate the protected program or data 

or the presentation of the proper authorization information by the 

end-user. The authorization information, for example, may be a password 

manually entered by the end-user or digitally encoded data. A discussion 

of software wrappers can be found, for example, in The 

Seybold Report on Internet Publishing, Dec. 1997, no. 4, vol. 2, p. 3. 

There are several techniques... 

...Dongles are small, readily transportable electronic devices as 
described, for example, in U.S. Patent No. 4,562,306. Dongles are 
typically provided by the software vendor together 
with the wrapped software program 
they are intended to authorize. 

To enable the software program to 

run on a particular computer, the end-user simply connects the dongle to 
a communications port of the computer, such as a parallel port or 
Universal Serial Bus (USB) port. Therefore, the end-user can authorize a 
number of different computers to run the program 
simply by connecting the dongle to whichever computer that he or she 
desires to run the program on at any given time. 

However, a disadvantage presented by dongles is that they typically store 
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authorization information for only one software 
program or perhaps for a group of 
software I 0 programs from a single 

vendor. Consequently, because an end-user typically might use several 
software programs from multiple 

vendors at any given time, he or she might have to carry around multiple 
dongles, which could be cumbersome and inconvenient. 

Another disadvantage is that the authorization information stored in the 

dongle is typically set by the software vendor during 

manufacture and generally cannot be 1 5 subsequently updated. As a 

result, when a software vendor provides an end-user 

with a software upgrade, add-on or plug-in, etc. for a 

protected software program, the 

vendor often also delivers a new dongle to authorize the associated 

software. This is not very costeffective for 

software vendors because the cost of the dongle itself 

can be significant in relation to the value of the associated 

software. 

In a second technique known in the art, the authorization information is 
stored on a magnetic floppy disk known as a "key diskette." The key... 

20/3, K/3 (Item 1 from file: 350) 
DIALOG(R)File 350: Derwent WPIX 
(c) 2009 Thomson Reuters. All rights reserved. 

0013615529 - Drawing available 
WPI ACC NO: 2003-710864/200367 
XRPX Acc No: N2003-568440 

Software license information delivery method, involves 

validating signed license using publisher public key and using terms to 

control use of software product 

Patent Assignee: CRONCE PA (CRON-I) 

Inventor: CRONCE P A 

Patent Family (1 patents, 1 countries) 

Patent Application 

Number Kind Date Number Kind Date Update 

US 20030149670 Al 20030807 US 200272597 A 20020205 200367 B 

Priority Applications (no., kind, date): US 200272597 A 20020205 

Patent Details 

Number Kind Lan Pg Dwg Filing Notes 
US 20030149670 Al EN 20 10 

Software license information delivery method, involves 

validating signed license using publisher public key and using terms to 

control use of software product 

Original Titles: 

Method and system for delivery of secure software 
license information 
Inventor: CRONCE P A 
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Alerting Abstract ...response to a key authority receiving a signed 
license request. The license is signed with a publisher private key and is 
transmitted to an authorizing program. The signed 
license is va... 

...lidated using the publisher public key and the license terms are used to 
control use of software product.USE - Used for 
delivering license information to control licensed 
software usage... 

...DESCRIPTION OF DRAWINGS - The drawing shows a flow diagram for the 
process of delivering secure license information to a 
software program . 

Title Terms/Index Terms/ Additional Words: SOFTWARE; 

Original Publication Data by Authority 

Argentina 

Assignee name & address: 
Inventor name & address: 
Cronce, Paul A... 
Examiner: 
Original Abstracts: 

A system and method for delivery of secure software 
license information to authorize the use of a 
software program is disclosed. 
The method and system comprises a 
computer system for executing the software 
program and the authorizing 
program, and a license server, 

connected to the computer system over a network. The method and system 

include associating a publisher certificate and a signed product key pair 

with the program to be authorized, 

generating a license request containing user and product 

information and signed by the private key from the product key pair, 

transmitting the license request to a... 

...the license request and license terms, signing the license with the 

publisher private key associated with the publisher certificate, 

transmitting the license to the authorization program, 

validating the license using the publisher certificate, 

and using the license terms to control the use of the 

software program. 

Claims: 

What is claimed is: 1 . A method for the delivery of secure 
software license information to authorize use of a 
software product, the method 
comprising the steps of: (a) associating with a 
software publisher a private and 
public key pair, 



EIC3600 SEARCH RESULTS 



36 



11/12/2009 



wherein the software publisher 
provides the software product and 
includes a 
software program 
and an authorization program 
within the software product; (b) 
associating a product private and 
public key with the 

software product, and including the product private key 

with the authorization program; (c) 

upon invocation of the software 

product on a computer, (i) generating by the 

authorization program a license request containing 

user and product information, (ii) digitally signing the 

license request with the product private key, and (iii) 

transferring the signed license request to a key authority, (d) in 

response to the key authority receiving the signed license request... 

...from the license request and license terms, (ii) signing the license 
with the publisher private key, and (iii) transmitting the signed license 
to the authorizing program ; and (e) validating the 
signed license using the publisher public key, and using the license terms 
to control the use of the software product. 
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17/3,K/1 (Item 1 from file: 15) 
DIALOG(R)File 15: ABI/Inform(R) 
(c) 2009 ProQuest Info&Learning. All rights reserved. 

00759575 94-08967 

A public key extension to the Common Cryptographic Architecture 
Le, An V; Matyas, Stephen M; Johnson, Donald B; Wilkins, John D 
IBM Systems Journal v32n3 PP: 461-485 1993 
ISSN: 0018-8670 JRNL CODE: ISY 
WORD COUNT: 16326 

...TEXT: key-based key distribution, on-line access to a key distribution 
center is usually needed each time the communicating parties establish an 
initial keying relationship. Second, in 
public-key-based key distribution, 

the degree of trust placed on the central authority (e.g., a certification 
center) is generally less than the degree of trust... the public key 
extension and implemented in the Transaction Security System are now 
presented. 

PKA subsystem management services. The PKA subsystem management services 
allow an authorized application to 

initialize and manage the public key extension components of the 
cryptographic subsystem. The services that belong to this category are the 
profile vector build. ..of a distributed public key need not be kept secret, 
but it is required to have integrity. If another user with a different 
private and public key 

pair can cause his or her public key to be mistaken for 

a public key of a legitimate user, that user can pretend to be the... 



[insert] 
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V. Text Search Results from Dialog 



a, Full Text Databases 

File EBusiness & Industry(R) Jul/1994-2009/Nov 11 

(c) 2009 Gale/Cengage 
File 16:Gale Group PROMT(R) 1990-2009/Oct 19 

(c) 2009 Gale/Cengage 
File 20: Dialog Global Reporter 1997-2009/Nov 12 

(c) 2009 Dialog 
File 15:ABI/Inform(R) 1971-2009/Nov 11 

(c) 2009 ProQuest Info&Learning 
File 148:Gale Group Trade & Industry DB 1976-2009/Nov 12 

(c) 2009 Gale/Cengage 
File 160:Gale Group PROMT(R) 1972-1989 

(c) 1999 The Gale Group 
File 275:Gale Group Computer DB(TM) 1983-2009/Oct 13 

(c) 2009 Gale/Cengage 
File 610:Business Wire 1999-2009/Nov 12 

(c) 2009 Business Wire. 
File 613: PR Newswire 1999-2009/Nov 12 

(c) 2009 PR Newswire Association Inc 
File 621:Gale Group New Prod.Annou.(R) 1985-2009/Oct 05 

(c) 2009 Gale/Cengage 
File 636:Gale Group Newsletter DB(TM) 1987-2009/Oct 19 

(c) 2009 Gale/Cengage 
File 624:McGraw-Hill Publications 1985-2009/Nov 12 

(c) 2009 McGraw-Hill Co. Inc 
File 634:San Jose Mercury Jun 1985-2009/Oct 28 

(c) 2009 San Jose Mercury News 
File 810:Business Wire 1986-1999/Feb 28 

(c) 1999 Business Wire 
File 813: PR Newswire 1987-1999/Apr 30 

(c) 1999 PR Newswire Association Inc 
File 88:Gale Group Business A.R.T.S. 1976-2009/Nov 12 

(c) 2009 Gale/Cengage 
File 647: UBM Computer Fulltext 1988-2009/Nov W2 

(c) 2009 UBM, LLC 
File 674:Computer News Fulltext 1989-2006/Sep Wl 

(c) 2006 IDG Communications 
File 696:DIALOG Telecom. Newsletters 1995-2009/Nov 10 

(c) 2009 Dialog 
File 369:New Scientist 1994-2009/Nov Wl 

(c) 2009 Reed Business Information Ltd. 
File 484: Periodical Abs Plustext 1986-2009/Nov 11 

(c) 2009 ProQuest 
File 370:Science 1996-1999/Jul W3 

(c) 1999 AAAS 
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File 553:Wilson Bus. Abs. 1982-2009/Nov 
(c) 2009 The HW Wilson Co 

? ds 



Set Items Description 

51 40119441 SOFTWARE OR APP OR APPS OR APPLICATION? ? OR PROGRAM OR PR- 

OGRAMS OR PROGRAMME? ? 

52 189919 Sl(5N)(AUTHORIZ? OR AUTHORIS?) 

53 11525 LICENSE? ?(5N)REQUEST? ? 

54 19 S3(5N)(CREATE OR CREATES OR CREATING) 

55 229 (2ND OR SECOND)(3N)(PUBLIC()KEY? ?) 

56 28 S5(5N)ENCRYPT? 

57 79 (1ST FIRST OR PRIMARY)(5N)(PUBLIC()KEY? ?) 

58 0 S7(5N)DECRYPT? 

59 16963 MULTIPLE(3N)KEY? ? 

510 187 PUBLIC()KEY()PAIR? ? 

511 50368 (TRANSMIT? OR TRANSMISS? OR SEND OR SENDS OR SENDING OR FO- 

RWARD???)(5N)(AUTHORITY OR AUTHORITIES) 

512 0 AU = (CRONCE, P? OR CRONCE P? OR PAUL(2N)CRONCE) 

513 0 S2(S)S4 

514 52 S2(S)S3 

515 0 S14(S)(S6 OR S7) 

516 0 S14(S)S5 

517 0 S14(S)(S9 OR S10) 

518 0 S14(S)S11 

519 3 S1(S)S4 

520 2 RD (unique items) 

? 



20/3,K/l (Item 1 from file: 16) 
DIALOG(R)File 16: Gale Group PROMT(R) 
(c) 2009 Gale/Cengage. All rights reserved. 

04952860 Supplier Number: 47278370 (USE FORMAT 7 FOR FULLTEXT) 
Novell to Drive Separate Development Tracks 
Wirthman, Lisa 
PC Week, pl24 
April 7, 1997 

Language: English Record Type: Fulltext 

Document Type: Magazine/Journal; Tabloid; General Trade 

Word Count: 676 

12 servers on Intel Corp. -based hardware. 
Novell also will improve the value of NDS within IntranetWare this 
summer by integrating it with an Object Request Broker 
licensed from Visigenic Software Inc. 
to create a new trader service that will enable objects 
to be registered and managed in the directory. 
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Also, this summer, Novell will deliver free to IntranetWare... 



20/3, K/2 (Item 1 from file: 148) 
DIALOG(R)File 148: Gale Group Trade & Industry DB 
(c) 2009 Gale/Cengage. All rights reserved. 

09415946 SUPPLIER NUMBER: 19295899 (USE FORMAT 7 OR 9 FOR FULL TEXT) 
Novell to drive separate development tracks. (IntranetWare, network 

services applications) (Company Business and Marketing) 
Wirthman, Lisa 
PC Week, vl4, nl4, pl24(l) 
April 7, 1997 

ISSN: 0740-1604 LANGUAGE: English RECORD TYPE: Fulltext; Abstract 
WORD COUNT: 723 LINE COUNT: 00063 

12 servers on Intel Corp. -based hardware. 

Novell also will improve the value of NDS within IntranetWare this 
summer by integrating it with an Object Request Broker 
licensed from Visigenic Software Inc. 
to create a new trader service that will enable objects 
to be registered and managed in the directory. 

Also, this summer, Novell will deliver free to IntranetWare... 
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